This Privacy Notice explains what personal information we receive when you contribute to the PX-failure survey, how we use and share it, how long we keep it, and your rights. In it, "Chordio," "we," and "us" mean Chordio, Inc.; "you" means the person who runs the survey and chooses to send us the result. This notice forms part of, and is incorporated into, the Survey Contribution Terms.
The survey prompt runs on your own machine. Your source code, full prompts, full file contents, and your agent's raw conversation history are processed locally and never reach us — the prompt only ever emits a small summary designed to minimize identifiers, and even that is sent to us only if you choose to submit it. By contributing you confirm you are at least 18 years old.
In plain terms: the submission you send is built to minimize identifiers, and you review and redact it before sending. We store it in our own cloud storage, keep any contact email and request metadata separate from it, publish only aggregates, and let you ask us to delete it while we can still identify it. We do not sell your data, the site carries no advertising, and the only analytics we use are cookieless and aggregate.
For deletion requests and any other privacy request, contact support@chordio.com. California residents should also see section 7; EU and UK residents, section 8.
1. What we collect
What you provide. When you choose to submit, we receive:
- The submission itself — the JSON the prompt produces: counts and short evidence quotes (limited to 200 characters), designed to exclude source code and to minimize identifiers.
- The setup profile inside that JSON — public coding-agent skill and tool names, counts (not names) of any custom ones, and only whether a rules file such as CLAUDE.md was present, never its contents.
- An optional note, if you add one.
- An optional email address, if you give one — used only so you can request deletion later and exercise privacy rights, and stored separately from your submission (see sections 4 and 5).
What we receive automatically when you submit. Because the submission travels over the web, we receive your IP address, your browser user-agent, and the time of submission. We use this technical metadata to operate the form, validate Cloudflare Turnstile, rate-limit abuse, maintain a consent and security record, and respond to privacy requests. We store the request metadata separately from the submission JSON, as described in section 4. Your browser also sends standard log data (such as request headers) in the ordinary course to us and to our hosting provider.
Aggregate site analytics. Like most sites, we measure traffic and performance using Vercel Web Analytics and Vercel Speed Insights. Both are cookieless and collect only aggregate page-view and performance data; they do not set cookies, do not build a profile of you, and are not used to identify you.
Cookies and similar technologies. The survey requires no account and no sign-in, and we set no analytics, advertising, or tracking cookies (the analytics above are cookieless). To confirm that submissions come from a person rather than a bot, the page uses Cloudflare Turnstile, which may set a strictly-necessary cookie or store a short-lived token in your browser solely to perform that check. We do not respond to "Do Not Track" signals because we do not track you across sites.
What never reaches us. As noted above, source code, full prompts, file paths, repository names, client or employer names, secrets, and your agent's raw conversation history are not part of the submission. The local-only design and your review-and-redact step in the Terms are what keep them out.
2. How we use what we collect, and our legal basis
We use submissions and the metadata attached to them to:
- conduct this research and build the PX-bench benchmark, our public and academic papers, and our products and services;
- record and honor your consent, and manage and act on deletion or withdrawal requests;
- prevent abuse of the submission form (for example, bot filtering via Cloudflare Turnstile, and rate limiting);
- keep our systems secure; and
- comply with legal obligations and protect our rights and those of others.
For contributors in the EU, UK, and comparable regimes, our lawful basis for processing the submission and any optional contact email is your consent, which you give by choosing to send us your submission after reviewing this notice and the Terms. You can withdraw that consent at any time (see sections 6 and 8). For security, abuse prevention, request verification, and protection of our rights, we rely on our legitimate interests where allowed by law. Where we must retain or disclose information to comply with law, our basis is legal obligation.
3. How we share it, and our sub-processors
The submission itself is designed to minimize identifiers, and we do not sell it or share it (as those terms are defined under the CCPA) for advertising or anyone else's commercial purposes. We require service providers who process personal information for us to use it only for our instructions, keep it confidential, protect it with appropriate security, and not use it for their own independent purposes. We disclose personal information only as follows:
- Service providers (sub-processors) who process data on our behalf:
- Amazon Web Services (Amazon S3) — stores submissions and, separately, the optional contact-email records, as a processor under its data-processing terms.
- Cloudflare (Turnstile) — runs the bot-prevention check on the submission form; it receives your IP address and a challenge token at submission time.
- Vercel — hosts the survey site and processes request metadata (such as IP address and user-agent) in order to serve the page and route your submission to our storage. Vercel also provides our cookieless Web Analytics and Speed Insights, receiving aggregate page-view and performance data.
- Business transfers — if we are involved in a merger, acquisition, financing, reorganization, or sale of assets, personal information may be disclosed to counterparties and transferred to a successor or affiliate as part of that transaction.
- Legal requirements — when we believe in good faith that disclosure is necessary to comply with law or legal process, to protect our rights or property, to prevent fraud, or to protect the safety of any person.
- With your consent — to anyone else, at your direction or with your consent.
We do not send your submission to any AI or LLM provider at the time you submit it. The analysis prompt runs on your machine; nothing about the submission is routed to a model in order to accept it. We reserve the right to process the corpus with AI service providers as part of our research analysis in future; if we do, those providers receive only the corpus data needed for that work — never your identity or contact details — and must act as our processors under written restrictions, including confidentiality and no model-training or independent-use rights except as we expressly permit for our work. We will update this notice before relying on any such provider.
4. How we store and separate it
When a submission reaches us, our submission endpoint:
- mints an opaque submission ID for it;
- writes the submission JSON to a corpus store under that ID, with no email, IP address, or user-agent inside; and
- writes the submission ID, timestamp, request metadata, consent record, and any optional email you supplied to a separate identity and consent store, so your contact details and request metadata never live inside the corpus object.
The write path used by the website can only add objects, not read or list them; reading the corpus for analysis and running deletions use separate, tighter credentials. Stored data is encrypted at rest.
Pseudonymized, not anonymous, while we hold the link. While we hold the identity and consent record, your submission is pseudonymized — stored under an opaque ID and kept separate from your contact details and request metadata — but it is not anonymous. A short verbatim quote, combined with the model, domain, and the fact that you sent it, could in principle be traced back to you. We therefore treat submissions as personal data, not as "deidentified" data, until that link is deleted. After the link is deleted, we publicly commit not to try to reidentify the remaining corpus entry except where necessary to honor a privacy request, investigate abuse or security incidents, or comply with law.
5. How long we keep it
We keep different categories for different periods:
- Survey data in the corpus. We keep the submission JSON for as long as it remains useful to our research, the benchmark, and our products. While we hold the identity and consent record, that data is pseudonymized: it carries no contact details inline, but it remains personal data because we can still re-link it. If you make a valid deletion or withdrawal request while we can still identify your submission, we delete the linked corpus entry.
- Identity, contact, request metadata, and consent records. We keep the separate record linking a submission ID to any optional email, IP address, user-agent, timestamp, and consent confirmation for up to 24 months after submission, unless we need it longer for an active privacy request, dispute, legal obligation, abuse investigation, or security incident. We delete it earlier once it is no longer needed for those purposes. After that record is deleted, the remaining corpus data is no longer reasonably linkable to you.
- Privacy request records. We may keep records of privacy requests and our responses for as long as needed to document compliance and protect our rights.
- Provider logs. Our hosting, security, and infrastructure providers may keep their own operational logs under their own retention practices and our agreements with them.
6. Your choices and rights
You can ask us to access, correct, or delete your submission and contact data, or to withdraw your consent, by emailing support@chordio.com. If you have a submission ID, including it helps us find your record. If we can identify the linked submission, withdrawing consent means we will stop future processing of the linked raw submission and delete it and the linked contact record, except where we need to retain limited records for legal, security, or rights-protection purposes. Withdrawing consent does not affect processing we already carried out lawfully.
The limits on deletion are set out in section 13 of the Terms: once the identity link is gone, or once your contribution has been pooled into a published aggregate, we can no longer single out your specific contribution, and we do not automatically retract published aggregates, papers, methodology, or redacted examples.
EU and UK residents have further rights, listed in section 8.
7. California privacy rights
The California Consumer Privacy Act, as amended by the CPRA (the "CCPA"), grants California residents certain rights. We provide this section for California residents. To the extent the CCPA applies to Chordio, we are a "business" for the practices described here.
Notice at collection. Depending on whether you submit an email and what you include in the JSON, we may collect these categories of personal information:
- Identifiers — optional email address, IP address, submission ID, and timestamps. We use them for consent records, deletion and rights requests, abuse prevention, security, and legal compliance. We retain them as described in section 5 and disclose them to service providers listed in section 3.
- Internet or network activity — user-agent, request headers, Turnstile-related metadata, and technical metadata of your submission. We use them for form operation, Turnstile validation, rate limiting, security, consent records, and legal compliance. We retain them as described in section 5 and disclose them to service providers listed in section 3.
- Contents of your submission — counts, short quotes, setup profile, and any optional note, designed to minimize identifiers. We use them for research, PX-bench, publications, products, security, and legal compliance. We retain them as described in section 5 and disclose them to AWS and, if applicable in the future, restricted processors who help us analyze the corpus.
- Inferences — aggregate findings we derive from the corpus. We use them for research, publications, benchmarking, and products. We retain aggregate inferences as long as useful and may publish them in aggregate form.
We collect this information directly from you and your browser when you submit, and we use it for the purposes in section 2. We do not collect sensitive personal information for the survey, and we do not use sensitive personal information in a way that triggers a right to limit.
We do not sell or share your personal information (as those terms are defined under the CCPA), and we do not knowingly sell or share the personal information of anyone under 16.
Your CCPA rights. Subject to exceptions in the law, you may: request to know what personal information we have collected and how we have used and disclosed it; request to delete it; request to correct inaccurate information; opt out of sale or sharing (we do neither); and be free from discrimination for exercising these rights. We do not use sensitive personal information in a way that triggers a right to limit.
How to exercise them, and verification. Contact support@chordio.com. Because the survey has no accounts, we verify a request by matching it to the email you provided with your submission and to the submission ID; if you gave us no email, we may be unable to associate any stored data with you. You may use an authorized agent who presents signed written permission, and we may still ask you to verify your identity directly.
8. EU and UK residents
If you are in the EU or UK, Chordio, Inc. is the controller of your personal information. Our lawful bases are described in section 2. In addition to the choices in section 6, you have the rights to access, rectify, erase, restrict, and object to our processing, the right to data portability, the right to withdraw consent at any time where consent is the basis, and the right to lodge a complaint with your data-protection supervisory authority. To exercise any of these, contact support@chordio.com. Because the survey has no accounts, we may need your submission ID and, if you supplied one, your email address to verify and fulfill a request.
9. International data transfers
We store and process data in the United States (our service providers in section 3 are US-based or operate US infrastructure). If you contribute from outside the United States, including from the EU or UK, your personal information will be transferred to and processed in the United States, where privacy laws may not provide the same level of protection as your home jurisdiction and where government authorities may have access under applicable law.
Where transfer safeguards are required, we rely as applicable on adequacy mechanisms such as the EU-U.S. Data Privacy Framework or UK extension for participating providers, standard contractual clauses, the UK International Data Transfer Addendum or IDTA, transfer impact assessments and supplementary measures, and processor data-processing terms. Where a contributor-initiated transfer requires and permits a derogation, we may rely on your explicit consent to that transfer, which you give by choosing to submit after reviewing this notice.
10. Children
The survey is not directed to anyone under 18, and we do not knowingly collect personal information from children. If you believe a child has contributed, contact support@chordio.com and we will delete the information.
11. Security
You contribute at your own risk, but we take it seriously. We apply commercially reasonable technical and organizational measures designed to protect personal information: access controls and least privilege on both the corpus and the separate identity store, a website write-path that can only add objects (not read or list them), separation of contact details from submissions, and encryption at rest. No method of transmission or storage is ever fully secure, and email in particular is not, so take care over what you choose to send.
12. Changes to this notice
We may update this notice; the version and date at the top will change when we do. Continued contribution after an update means you accept the current version.
13. Questions
Questions about this notice or our data practices: support@chordio.com.